Magdi S. Mahmoud Yuanqing Xia ANALYSIS AND SYNTHESIS OF FAULT-TOLERANT CONTROL SYSTEMS


Magdi S. Mahmoud
King Fahd University of Petroleum and Minerals, Saudi Arabia

Yuanqing Xia
Beijing Institute of Technology, China


This edition first published 2014
© 2014 John Wiley & Sons, Ltd

Registered office
John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom

For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the author to be identified as the author of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. It is sold on the understanding that the publisher is not engaged in rendering professional services and neither the publisher nor the author shall be liable for damages arising herefrom. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data

Mahmoud, Magdi S.
Analysis and synthesis of fault-tolerant control systems / Magdi S. Mahmoud, Yuanqing Xia.

pages cm
Includes bibliographical references and index.
ISBN 978-1-118-54133-3 (cloth)

1. Automatic control. 2. Fault tolerance (Engineering) 3. Control theory. I. Xia, Yuanqing. II. Title. III. Title: Analysis and synthesis of FTCS.

TJ213.M268428 2013
629.8–dc23

2013023504

A catalogue record for this book is available from the British Library.

ISBN: 978-1-118-54133-3

Typeset in 10/12pt Times by Aptara Inc., New Delhi, India

1 2014


To my loving wife, Salwa
To the ‘M’ family:
Medhat, Monda, Mohamed, Menna, Malak, Mostafa and Mohamed

MSM

To my honest and diligent wife, Wang Fangyu
To my lovely daughter, Xia Jingshu

YX


Contents

Preface

Acknowledgments

1 Introduction
  1.1 Overview
  1.2 Basic Concepts of Faults
  1.3 Classification of Fault Detection Methods
    1.3.1 Hardware redundancy based fault detection
    1.3.2 Plausibility test
    1.3.3 Signal-based fault diagnosis
    1.3.4 Model-based fault detection
  1.4 Types of Fault-Tolerant Control System
  1.5 Objectives and Structure of AFTCS
  1.6 Classification of Reconfigurable Control Methods
    1.6.1 Classification based on control algorithms
    1.6.2 Classification based on field of application
  1.7 Outline of the Book
    1.7.1 Methodology
    1.7.2 Chapter organization
  1.8 Notes
  References

2 Fault Diagnosis and Detection
  2.1 Introduction
  2.2 Related Work
    2.2.1 Model-based schemes
    2.2.2 Model-free schemes
    2.2.3 Probabilistic schemes
  2.3 Integrated Approach
    2.3.1 Improved multi-sensor data fusion
    2.3.2 Unscented transformation
    2.3.3 Unscented Kalman filter
    2.3.4 Parameter estimation
    2.3.5 Multi-sensor integration architectures
  2.4 Robust Unscented Kalman Filter
    2.4.1 Introduction
    2.4.2 Problem formulation
    2.4.3 Residual generation
    2.4.4 Residual evaluation
  2.5 Quadruple Tank System
    2.5.1 Model of the QTS
    2.5.2 Fault scenarios in QTS
    2.5.3 Implementation structure of UKF
    2.5.4 UKF with centralized multi-sensor data fusion
    2.5.5 UKF with decentralized multi-sensor data fusion
    2.5.6 Drift detection
  2.6 Industrial Utility Boiler
    2.6.1 Steam flow dynamics
    2.6.2 Drum pressure dynamics
    2.6.3 Drum level dynamics
    2.6.4 Steam temperature
    2.6.5 Fault model for the utility boiler
    2.6.6 Fault scenarios in the utility boiler
    2.6.7 UKF with centralized multi-sensor data fusion
    2.6.8 UKF with decentralized multi-sensor data fusion
    2.6.9 Drift detection
    2.6.10 Remarks
  2.7 Notes
  References

3 Robust Fault Detection
  3.1 Distributed Fault Diagnosis
    3.1.1 Introduction
    3.1.2 System model
    3.1.3 Distributed FDI architecture
    3.1.4 Distributed fault detection method
    3.1.5 Adaptive thresholds
    3.1.6 Distributed fault isolation method
    3.1.7 Adaptive thresholds for DFDI
    3.1.8 Fault detectability condition
    3.1.9 Fault isolability analysis
    3.1.10 Stability and learning capability
  3.2 Robust Fault Detection Filters
    3.2.1 Reference model
    3.2.2 Design of adaptive threshold
    3.2.3 Iterative update of noise mean and covariance
    3.2.4 Unscented transformation (UT)
    3.2.5 Car-like mobile robot application
  3.3 Simultaneous Fault Detection and Control
    3.3.1 Introduction
    3.3.2 System model
    3.3.3 Problem formulation
    3.3.4 Simultaneous fault detection and control problem
    3.3.5 Two-tank system simulation
  3.4 Data-Driven Fault Detection Design
    3.4.1 Introduction
    3.4.2 Problem formulation
    3.4.3 Selection of weighting matrix
    3.4.4 Design of FDF for time-delay system
    3.4.5 LMI design approach
    3.4.6 Four-tank system simulation
  3.5 Robust Adaptive Fault Estimation
    3.5.1 Introduction
    3.5.2 Problem statement
    3.5.3 Adaptive observer
  3.6 Notes
  References

4 Fault-Tolerant Control Systems
  4.1 Model Prediction-Based Design Approach
    4.1.1 Introduction
    4.1.2 System description
    4.1.3 Discrete-time UKF
    4.1.4 Unscented Transformation (UT)
    4.1.5 Controller reconfiguration
    4.1.6 Model predictive control
    4.1.7 Interconnected CSTR units
    4.1.8 Four-tank system
    4.1.9 Simulation results
    4.1.10 Drift detection in the interconnected CSTRs
    4.1.11 Information fusion from UKF
    4.1.12 Drift detection in the four-tank system
  4.2 Observer-Based Active Structures
    4.2.1 Problem statement
    4.2.2 A separation principle
    4.2.3 FDI residuals
    4.2.4 Control of integrity
    4.2.5 Overall stability
    4.2.6 Design outline
    4.2.7 Design of an active FTC scheme
    4.2.8 Extraction of FDI–FTC pairs
    4.2.9 Simulation
  4.3 Notes
  References

5 Fault-Tolerant Nonlinear Control Systems
  5.1 Comparison of Fault Detection Schemes
  5.2 Fault Detection in Nonlinear Systems
  5.3 Nonlinear Observer-Based Residual Generation Schemes
    5.3.1 General considerations
    5.3.2 Extended Luenberger observer
    5.3.3 Nonlinear identity observer approach
    5.3.4 Unknown input observer approach
    5.3.5 The disturbance decoupling nonlinear observer approach
    5.3.6 Adaptive nonlinear observer approach
    5.3.7 High-gain observer approach
    5.3.8 Sliding-mode observer approach
    5.3.9 Geometric approach
    5.3.10 Game-theoretic approach
    5.3.11 Observers for Lipschitz nonlinear systems
    5.3.12 Lyapunov-reconstruction-based passive scheme
    5.3.13 Time-varying results
    5.3.14 Optimization-based active scheme
    5.3.15 Learning-based active scheme
    5.3.16 Adaptive backstepping-based active scheme
    5.3.17 Switched control-based active scheme
    5.3.18 Predictive control-based active scheme
  5.4 Integrated Control Reconfiguration Scheme
    5.4.1 Introduction
    5.4.2 Basic features
    5.4.3 Nonlinear model of a pendulum on a cart
    5.4.4 NGA adaptive filter design
    5.4.5 Simulation results
    5.4.6 Performance evaluation
    5.4.7 Comparative studies
  5.5 Notes
  References

6 Robust Fault Estimation
  6.1 Introduction
  6.2 System Description
  6.3 Multiconstrained Fault Estimation
    6.3.1 Observer design
    6.3.2 Existence conditions
    6.3.3 Improved results
    6.3.4 Simulation results
  6.4 Adaptive Fault Estimation
    6.4.1 Introduction
    6.4.2 Problem statement
    6.4.3 Robust adaptive estimation
    6.4.4 Internal stability analysis
    6.4.5 Robust performance index
    6.4.6 Simulation
  6.5 Adaptive Tracking Control Scheme
    6.5.1 Attitude dynamics
    6.5.2 Fault detection scheme
    6.5.3 Fault-tolerant tracking scheme
  6.6 Notes
  References

7 Fault Detection of Networked Control Systems
  7.1 Introduction
  7.2 Problem Formulation
  7.3 Modified Residual Generator Scheme
    7.3.1 Modified residual generator and dynamic analysis
    7.3.2 Residual evaluation
    7.3.3 Co-design of residual generator and evaluation
  7.4 Quantized Fault-Tolerant Control
    7.4.1 Introduction
    7.4.2 Problem statement
    7.4.3 Quantized control design
    7.4.4 Simulation
  7.5 Sliding-Mode Observer
    7.5.1 Introduction
    7.5.2 Dynamic model
    7.5.3 Limited state measurements
    7.5.4 Simulation results: full state measurements
    7.5.5 Simulation results: partial state measurements
  7.6 Control of Linear Switched Systems
    7.6.1 Introduction
    7.6.2 Problem formulation
    7.6.3 Stability of a closed-loop system
    7.6.4 Simulation
  7.7 Notes
  References

8 Industrial Fault-Tolerant Architectures
  8.1 Introduction
  8.2 System Architecture
  8.3 Architecture of a Fault-Tolerant Node
    8.3.1 Basic architecture
    8.3.2 Architecture with improved reliability
    8.3.3 Symmetric node architecture
    8.3.4 Results
  8.4 Recovery Points
  8.5 Networks
  8.6 System Fault Injection and Monitoring
    8.6.1 Monitoring systems
    8.6.2 Design methodology
  8.7 Notes
  References

9 Fault Estimation for Stochastic Systems
  9.1 Introduction
  9.2 Actuator Fault Diagnosis Design
  9.3 Fault-Tolerant Controller Design
  9.4 Extension to an Unknown Input Case
  9.5 Aircraft Application
    9.5.1 Transforming the system into standard form
    9.5.2 Simulation results
  9.6 Router Fault Accommodation in Real Time
    9.6.1 Canonical controller and achievable behavior
    9.6.2 Router modeling and desired behavior
    9.6.3 Description of fault behavior
    9.6.4 A least restrictive controller
  9.7 Fault Detection for Markov Jump Systems
    9.7.1 Introduction
    9.7.2 Problem formulation
    9.7.3 H∞ bounded real lemmas
    9.7.4 H∞ FD filter design
    9.7.5 Simulation
  9.8 Notes
  References

10 Applications
  10.1 Detection of Abrupt Changes in an Electrocardiogram
    10.1.1 Introduction
    10.1.2 Modeling ECG signals with an AR model
    10.1.3 Linear models with additive abrupt changes
    10.1.4 Off-line detection of abrupt changes in ECG
    10.1.5 Online detection of abrupt changes in ECG
  10.2 Detection of Abrupt Changes in the Frequency Domain
    10.2.1 Introduction
    10.2.2 Problem formulation
    10.2.3 Frequency domain ML ratio estimation
    10.2.4 Likelihood of the hypothesis of no abrupt change
    10.2.5 Effect of an abrupt change
    10.2.6 Simulation results
  10.3 Electromechanical Positioning System
    10.3.1 Introduction
    10.3.2 Problem formulation
    10.3.3 Test bed
  10.4 Application to Fermentation Processes
    10.4.1 Nonlinear faulty dynamic system
    10.4.2 Residual characteristics
    10.4.3 The parameter filter
    10.4.4 Fault filter
    10.4.5 Fault isolation and identification
    10.4.6 Isolation speed
    10.4.7 Parameter partition
    10.4.8 Adaptive intervals
    10.4.9 Simulation studies
  10.5 Flexible-Joint Robots
    10.5.1 Problem formulation
    10.5.2 Fault detection scheme
    10.5.3 Adaptive fault accommodation control
    10.5.4 Control with prescribed performance bounds
    10.5.5 Simulation results
  10.6 Notes
  References

A Supplementary Information
  A.1 Notation
    A.1.1 Kronecker products
    A.1.2 Some definitions
    A.1.3 Matrix lemmas
  A.2 Results from Probability Theory
    A.2.1 Results-A
    A.2.2 Results-B
    A.2.3 Results-C
    A.2.4 Minimum mean square estimate
  A.3 Stability Notions
    A.3.1 Practical stabilizability
    A.3.2 Razumikhin stability
  A.4 Basic Inequalities
    A.4.1 Schur complements
    A.4.2 Bounding inequalities
  A.5 Linear Matrix Inequalities
    A.5.1 Basics
    A.5.2 Some standard problems
    A.5.3 The S-procedure
  A.6 Some Formulas on Matrix Inverses
    A.6.1 Inverse of block matrices
    A.6.2 Matrix inversion lemma
  References

Index


Preface

In recent years, we have been witnessing sophisticated control systems designed to meet increased performance and safety requirements for modern technological systems. Technical experience has indicated that conventional feedback control design for a complex system may result in an unsatisfactory performance, or even instability, in the event of malfunctions in actuators, sensors or other system components. In order to circumvent such weaknesses, new approaches to control system design have emerged with the goal of tolerating component malfunctions while maintaining desirable stability and performance properties. These types of control system are often known as “fault-tolerant control systems” (FTCS). The area of fault-tolerant control systems is a complex interdisciplinary research field that covers a diverse range of engineering disciplines, such as modeling and identification, applied mathematics, applied statistics, stochastic system theory, reliability and risk analysis, computer communications, control, signal processing, sensors and actuators, as well as hardware and software implementation techniques.

Modern technological systems rely on sophisticated control systems to meet performance and safety requirements. A conventional feedback control design for a complex system may result in unsatisfactory performance, or even instability, in the event of malfunctions in actuators, sensors or other system components. To overcome such weaknesses, new approaches to control system design have been developed in order to tolerate component malfunctions while maintaining the required levels of stability and performance. This is particularly important for safety-critical systems, such as aircraft, spacecraft, nuclear power plants, and chemical plants processing hazardous materials. In such systems, the consequences of a minor fault in a system component can be catastrophic. Therefore, the demand for reliability, safety and fault tolerance is generally high. It is necessary to design control systems which are capable of tolerating potential faults in these systems in order to improve the reliability and availability while providing desirable performance. More precisely, FTCS are control systems that possess the ability to accommodate component failures automatically. They are capable of maintaining overall system stability and acceptable performance in the event of such failures. In other words, a closed-loop control system which can tolerate component malfunctions, while maintaining desirable performance and stability properties is said to be a fault-tolerant control system [1].

The problem of fault monitoring has always been an area of much importance for research departments in industry. This becomes even more of a priority when we are dealing with nonlinear systems. Monitoring of uncommon behavior of plant and detecting unprecedented changes in systems are essential for maintaining the health of a system, followed by the removal of faulty components, replacement with the better ones, restructuring system architecture, and thus improving overall system reliability. However, with the increasing complexity of modern nonlinear systems, process engineers are facing tough challenges to understand and troubleshoot possible system problems. Highly efficient fault-monitoring methods have become a valuable asset in the life of large systems.

This book is about the analysis and design methods of fault-tolerant control systems. Particular consideration is given to covering wide topics that have been treated in the literature and presenting the results of typical case studies. The key feature is to provide a teaching-oriented volume supported by research.

The terminologies, conventions and notations that have been adopted throughout this book are explicitly presented in place to facilitate smooth readability of the different sections. They are quite standard in the scientific media and vary only in form or character.

Magdi S. Mahmoud
Dhahran, Saudi Arabia

Yuanqing Xia
Beijing, China

March 2013

Reference

[1] Zhang, Y., and Jiang, J. (2008) “Bibliographical review on reconfigurable fault-tolerant control systems”, Annual Reviews in Control 32, 229–252.


Acknowledgments

The subject matter of fault-tolerant control systems is perhaps one of the most attractive areas of contemporary research and development. It embodies fault diagnosis, fault estimation, fault identification, and fault isolation, to name but a few topics. The topics discussed in this book have constituted an integral part of our academic research investigation over the past few years. The idea of writing the book arose and developed through communication with Dr Nigel Hollingworth. We would like to acknowledge the tireless effort and professional support from Wiley, particularly from Anne Hunt and Tom Carter.

In writing this volume, we have taken the approach of referring within the text to papers or books which we believe have taught us some concepts, ideas and methods. We have further complemented this by adding remarks and notes within and at the end of each chapter to shed light on other related results. We are indebted to the colleagues who introduced us to the subject of fault-tolerant control systems and to the people who made the writing of this book possible.

Magdi Mahmoud owes a measure of gratitude to the management of King Fahd University of Petroleum and Minerals (KFUPM, Saudi Arabia) for continuous encouragement and facilitating all sources of help. Particular appreciation goes to the deanship of scientific research (DSR) for providing a superb competitive environment for research activities through internal funding grants. It is a great pleasure to acknowledge the financial funding afforded by DSR through Project IN121003 and for providing overall support of research activities at KFUPM.

During the past five years, Magdi Mahmoud has had the privilege of teaching various graduate courses at KFUPM. The updated and organized course notes have been instrumental in generating chapters of this book. Valuable comments and suggestions by graduate students have been extremely helpful, particularly from those who attended the courses SE509, SE514, SE517, and SE650, offered by the Systems Engineering Department from 2007 to 2011.

Magdi Mahmoud deeply appreciates the efforts of Muhammad Sabih, Mirza H. Baig, Azhar M. Memon, Haris M. Khalid and Rohmat Widodo as well as Wen Xie from BIT for their unfailing help in preparing portions of the manuscript and performing numerous effective simulations.

The widely-recognized research work of Yuanqing Xia and his students on predictive control and related topics at the School of Automation, Beijing Institute of Technology (BIT) has contributed effectively to several sections of this volume.

Most of all however, we would like to express our deepest gratitude to all the members of our families and especially our wives, Salwa and Wang Fangyu, for their elegant style. Without their constant love, incredible amount of patience and (mostly) enthusiastic support, this volume would not have been finished.

We would appreciate any comments, questions, criticisms, or corrections that readers may take the trouble of communicating to us at [email protected], [email protected] [email protected].


1 Introduction

For more than three decades, the growing demand for safety, reliability, maintainability, and survivability in technical systems has created significant research interest in fault detection and diagnosis (FDD). Such efforts have led to the development of many FDD techniques. For a general exposure to the subject, the reader is directed to [1]–[5].

1.1 Overview

In the literature, fault detection and isolation or fault detection and identification are often used interchangeably and abbreviated as “FDI”. To be precise and avoid further confusion, this book adopts the term “FDI” to stand for “fault detection and isolation”; “FDD” is used when the fault identification function is added to FDI. In FTCS designs, fault identification is important; therefore FDD is mainly used throughout this book to highlight the requirement of fault identification.

On a parallel path, research into reconfigurable fault-tolerant control systems has increased progressively since the initial research on restructurable control and self-repairing flight control systems began in the early 1980s (see [6]–[10]). More recently, fault-tolerant control has attracted more and more attention in both industry and academic communities due to increased demands for safety, high system performance, productivity and operating efficiency in wider engineering applications, not limited to traditional safety-critical systems. Several review or survey papers on FTCS have appeared since the 1990s including [11]–[16].

Fault tolerance is no longer limited to high-end systems and consumer products such as automobiles. However, it is increasingly dependent on microelectronic and mechatronic systems, on-board communication networks, and software, thus requiring new techniques for achieving fault tolerance. Even though individual research on FTCS has been carried out extensively, systematic concepts, design methods, and even terminology are still not yet standardized. Recently, efforts have been made to unify some terminology [17]. In addition, for historical reasons and because of the complexity of the problem, most of the research on FDD and reconfigurable control (RC) has been treated as two separate fields. More specifically, most of the FDI techniques have been developed as a diagnostic or monitoring tool, rather than as an integral part of FTCS. As a result, some FDD methods may not satisfy the need of controller reconfiguration. On the other hand, most of the research on reconfigurable control is carried out assuming the availability of a perfect FDD. Little attention has been paid to analysis and design with the overall system structure and interaction between FDD and RC.

For example, the following questions are posed:

• From the viewpoint of RC design what are the needs and requirements for FDD?
• What information can be provided by existing FDD techniques for overall FTCS designs?
• How can we analyze systematically the interaction between FDD and RC?
• How can we design FDD and RC in an integrated manner for online and real-time applications?

Many other challenging issues still remain open for further research and development. One of the motivations of this book is to provide an overview of developments in FTCS and to address some challenging problems to attract the attention of future research.

1.2 Basic Concepts of Faults

The terminology used in this book is fairly standard. Below, some basic definitions of faults, failure, disturbances and uncertainties, fault detection, fault isolation, fault identification, and fault diagnosis are given. The interested reader is referred to [18, 19, 20] for more detailed explanation of the above-mentioned terminology.

A “fault” is an unpermitted deviation of at least one characteristic property or parameter of a system from the acceptable (standard) condition. The closely related term “failure” is regarded as a permanent interruption of a system’s ability to perform a required function under specified operating conditions. Failure is used for the complete breakdown of a system, while fault is used to indicate a deviation from the normal characteristics. As far as detection is concerned, both faults and failures can be treated alike. Moreover, a fault can be treated as an external input or as a parameter deviation which changes the system characteristics. Similar to faults, “disturbances”, “uncertainties”, and “noises” can also be treated as external inputs. In fault detection and isolation (FDI) terminology, they are termed as “unknown inputs”. Unlike faults, these unknown inputs are uncontrolled, unavoidable and are present during normal operation. The effect of the unknown inputs can be incorporated into the controller design and a process can perform well even in the presence of them. Faults, on the other hand, have very severe effects on the process and should be detected.

The process of fault diagnosis is referred to as the determination of the size, location, time of detection and type of fault in the process. Based on its performance, a fault diagnosis system (FDS) is regarded as a fault detection (FD), fault detection and isolation (FDI) or fault detection, isolation and analysis (FDIA) system [18]. An FD system is therefore the process of determining the fault in the process and its time of occurrence. An FDI system determines in addition the kind and location of the fault. Similarly, an FDIA, together with detection and isolation, also aims to determine the size and time behavior of the fault. It is worth noting that the existence conditions for fault isolation are more stringent than for fault detection, and even more so in the case of fault identification. Consequently, it is difficult to isolate or identify faults in most situations.

A fault detection system should ideally meet some general requirements. The most important desirable features are:

• early detection of faults (incipient and abrupt)
• successful detection of actuator, component, and sensor faults
• robustness against unknown inputs (external disturbances, measurement noises, and model uncertainties)
• differentiation of faults from unknown inputs so that false alarms are avoided
• less use of online computation so that it can be integrated into large-scale systems easily.

Besides the above important attributes, the design procedure of an FD scheme should be as simple as possible.

1.3 Classification of Fault Detection Methods

There exist a number of techniques used for fault detection (FD) in technical processes or dynamical systems. In this section, we present the widely accepted classification of these techniques.

1.3.1 Hardware redundancy based fault detection

The essence of this scheme is replication of the process component using identical hardware components. Figure 1.1 shows a schematic description of the hardware redundancy. Information about the fault is extracted if there is any deviation of the output of the process component from its redundant pair. Good reliability and the ability to isolate faults are the main advantages of this scheme. The major problems encountered with this scheme are the extra components, increased maintenance cost and additional space required to accommodate the redundant equipment. Thus, its use is limited to a number of key applications, for example, nuclear power plants and flight-control systems [18, 21].

1.3.2 Plausibility test

Figure 1.2 shows a schematic depiction of the plausibility test. The basic idea of this technique is to evaluate the measured process variable with regard to credible, convincing values and their mutual compatibility. On the assumption that a fault leads to the loss of plausibility, the presence of a fault in a certain variable can be determined using the plausibility check. It can be performed by simple rules with binary logic. The plausibility test is also a kind of limit checking but with a wider tolerance. This test can be viewed as a first step to model-based FD methods. However, it has limited efficacy for detecting faults in a complex process [18, 19].

Figure 1.1 Hardware redundancy scheme (blocks: Component, Redundant component (Hardware); comparison output: > 0: fault, = 0: fault-free)

Figure 1.2 Plausibility test scheme (blocks: Subsystem with input u and output y, Plausibility check, Fault decision; input: Fault)

1.3.3 Signal-based fault diagnosis

Figure 1.3 shows a conceptual depiction of the signal-based FD technique. The central idea of this scheme is to extract the fault information from the process signals. For this purpose, some signal properties (symptoms) are analyzed. These symptoms are generally divided into the time domain characteristics and the frequency domain characteristics of the process signal.

Figure 1.3 Signal-based FD scheme (blocks: Actuator, Process, Sensor, Symptom generation, Symptom analysis, Fault indication; signals: u, y; inputs: actuator faults, component faults, sensor faults, and unknown input (process disturbances, measurement noises, parameter uncertainties))

The time domain characteristics comprise magnitude, mean (arithmetic or quadratic), limit values, trends, statistical moments of the amplitude distributions etc.; the frequency domain characteristics include spectral power densities and frequency spectral lines. Signal-based FD is used under steady-state operation of the process. The efficiency of this scheme is limited when the process is operating in a wide range due to the possible variation of input signals [18].

1.3.4 Model-based fault detection

The intuitive idea of the model-based FD technique is to replace the hardware redundancy by a process model which is implemented in software. The process model runs in parallel with the process itself and is driven by the same process inputs. In this way, the process behavior can be reconstructed online. Analogous to hardware redundancy, this technique is called “software redundancy” or “analytical redundancy” [18]. It is well-known that model-based FD techniques are more powerful than signal-based FD schemes [22, 23] because they use more information about the process.

In a typical model-based FD scheme, there are two stages: residual generation and residual evaluation. In residual generation, the “residual signal” is generated by comparing the process outputs with their estimates. The residual signal carries information about the faults. Since the residual signal, in a real process, is affected by the faults, disturbances, and measurement noises simultaneously, it is required to process the residual signal further to obtain possible information about faults. This is done in the residual evaluation stage.

It is widely accepted that a process model represents the qualitative and quantitative behavior of the process and can be obtained by utilizing well-established techniques from system modeling. The quantitative or analytical model of the process can be represented by a set of differential or difference equations while the qualitative model is expressed in terms of qualitative functions centered around different units in the process. The qualitative models are also known as “knowledge-based models”, which include neural networks, Petri nets, expert systems, fuzzy logic etc. [22, 23]. Based on these arguments, model-based FD schemes can be divided into two classes: knowledge-based and analytical.

Knowledge-based FD techniques are useful where the precise model is not available or is very hard to obtain, for example, large-scale chemical processes and nuclear reactors. An extensive study of knowledge-based FD methods can be found in [22, 24, 25, 26, 27]. Analytical model-based FD techniques, on the other hand, make use of analytical models for the purpose of residual generation. The analytical techniques can be broadly classified as:

• Parity space FD
• Observer-based FD
• Parameter-identification-based FD.

The rest of this section describes these approaches.

1.3.4.1 Parity space approach

Figure 1.4 shows a conceptual diagram of the parity space approach to residual generation. The parity space approach makes use of a parity check on the consistency of the parity equation.

Figure 1.4 Parity space approach (blocks: Actuator, Process, Sensor, Model-based redundancy, Post filter, Residual processing, Decision logic, Threshold; stages: Residual generation, Residual evaluation; signals: Process input, Process output, Residual as a function of disturbance, model uncertainties and faults, Knowledge of faults; inputs: Unknown inputs, Actuator faults, Component faults, Sensor faults)

A set of properly modified system equations (also called “parity relations”) is derived based on measured signals from the process. These parity relations decouple the residuals from the system states and from each other. This enhances the ability to detect faults. Inconsistency in the parity relations indicates the presence of a fault. In [28], the parity relations were derived based on the state-space model of the system; later, they were derived using the system transfer function [29]–[32].

As mentioned in [18, 23], there exists a close relationship between the parity space approach and the observer-based approach. An extensive study on parity space FD is presented in [18], where it has been shown that there exists a one-to-one mapping between the design parameters of observer and parity space based residual generation. Thus, given a set of parity relations, a diagnostic observer can be designed and vice versa.

1.3.4.2 Observer-based approach

The observer-based technique, see Figure 1.5, is one of the most commonly applied model-based schemes for detection of faults in a system. In this scheme, the residual signal is obtained by comparing the process outputs with their estimates. It is worth noting that observers are mainly used by the control community in order to estimate the unmeasured states in the process, while the FDI community use them for diagnostic purposes. The existence conditions for diagnostic observers are more relaxed than for a state observer; however, one particular class of diagnostic observer (the fault detection filter (FDF)) can be used for state estimation as well as diagnostic purposes.

Figure 1.5 Observer-based residual generation (labels: Process input, Process output, Hu,s, Parity vector, Residual)
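The two stages described in Section 1.3.4 (residual generation by an observer, then residual evaluation against a threshold) can be shown on a scalar plant with a sensor bias fault. This is an added illustration, not code from the book; the plant values, observer gain, unknown-input bounds and the names `run_fd`, `residual_threshold` and `first_alarm` are assumptions chosen for the demonstration.

```python
import math
import random

# Constructed plant and observer values; none of them come from the book.
A, B = 0.9, 1.0            # nominal model: x[k+1] = A*x[k] + B*u[k] + w[k]
L_GAIN = 0.5               # observer gain, so the error pole is A - L_GAIN = 0.4
W_MAX, V_MAX = 0.01, 0.02  # bounds on process disturbance w and sensor noise v
WINDOW = 5                 # residual evaluation window (samples)


def residual_threshold():
    """Worst-case fault-free |r| under the unknown-input bounds.

    With e = x - x_hat: e[k+1] = (A - L)e[k] + w[k] - L*v[k] and r = e + v,
    so |e| <= (W_MAX + L*V_MAX) / (1 - |A - L|) when e[0] = 0.
    """
    e_bound = (W_MAX + abs(L_GAIN) * V_MAX) / (1.0 - abs(A - L_GAIN))
    return e_bound + V_MAX


def run_fd(n_steps=200, fault_at=100, fault_size=0.5, seed=1):
    """Simulate plant and observer; return (residuals, alarms).

    fault_at=None gives a fault-free run; otherwise an additive sensor
    bias of fault_size is present from sample fault_at onwards.
    """
    rng = random.Random(seed)
    thr = residual_threshold()
    x = x_hat = 0.0
    residuals, alarms = [], []
    for k in range(n_steps):
        u = math.sin(0.1 * k)                            # process input
        fault = fault_size if fault_at is not None and k >= fault_at else 0.0
        y = x + rng.uniform(-V_MAX, V_MAX) + fault       # measured output
        # Residual generation: measured output minus its estimate.
        r = y - x_hat
        residuals.append(r)
        # Residual evaluation: windowed RMS compared with the threshold.
        recent = residuals[-WINDOW:]
        rms = math.sqrt(sum(v * v for v in recent) / len(recent))
        alarms.append(rms > thr)
        # Observer and plant updates, both driven by the same input u.
        x_hat = A * x_hat + B * u + L_GAIN * r
        x = A * x + B * u + rng.uniform(-W_MAX, W_MAX)
    return residuals, alarms


def first_alarm(alarms):
    """Index of the first raised alarm, or None if no alarm was raised."""
    for k, raised in enumerate(alarms):
        if raised:
            return k
    return None
```

Because the threshold is derived from the bounds on the unknown inputs, disturbance and noise alone cannot raise an alarm, while the bias is flagged at the sample where it appears.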

1.3.4.3 Parameter identification approach

The parameter identification approach, see Figure 1.6, is also an important FDI technique [22, 33, 34]. In this approach, fault detection is performed based on online parameter estimation. Information about the fault can be extracted by comparing the estimated parameter with the nominal process parameter. Any discrepancy between the two gives an indication of fault. The advantages of this scheme are as follows:

• Several parameters can be estimated with less input and output from the process [19].
• It yields the size of the discrepancy, which is useful for fault analysis [22].

The disadvantage is that an excitation signal is necessary in order to estimate the parameter, which may cause problems in the case of processes running at stationary operating point. Further, the determination of a physical parameter from its mathematical model may not, in general, give a unique result and is only feasible if the system order is low [22]. There are several parameter estimation techniques available in the literature, among them are the least square (LS) method, the recursive least square (RLS) method, the extended least square (ELS) method etc.

Figure 1.6 Parameter identification scheme (labels: Process input, Process output, Nominal process model, Observer gain, Post filter, Residual)
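The parameter identification approach can be illustrated with a recursive least squares estimator that tracks the parameters of a first-order model and compares the estimate with the nominal value. This is an added example, not code from the book; the model y[k] = a·y[k-1] + b·u[k-1] + e[k], its nominal values, the forgetting factor, the tolerance and the name `rls_fault_monitor` are assumptions made for the demonstration.

```python
import math
import random

A_NOM, B_NOM = 0.8, 0.5    # nominal process parameters (constructed values)


def rls_fault_monitor(n_steps=300, fault_at=150, a_fault=0.6,
                      lam=0.95, tol=0.1, warmup=30, seed=7):
    """Estimate [a, b] online with RLS and compare a_hat with A_NOM.

    A component fault changes the true a to a_fault from sample fault_at
    (fault_at=None means no fault). Returns (theta, detected_at), where
    theta is the final estimate and detected_at is the first sample at
    which |a_hat - A_NOM| > tol, or None.
    """
    rng = random.Random(seed)
    theta = [0.0, 0.0]                      # estimate of [a, b]
    P = [[1000.0, 0.0], [0.0, 1000.0]]      # large initial covariance
    y_prev = u_prev = 0.0
    detected_at = None
    for k in range(1, n_steps):
        a_true = a_fault if fault_at is not None and k >= fault_at else A_NOM
        y = a_true * y_prev + B_NOM * u_prev + rng.uniform(-0.01, 0.01)
        phi = [y_prev, u_prev]              # regressor
        # RLS with forgetting factor lam (P stays symmetric).
        p_phi = [P[0][0] * phi[0] + P[0][1] * phi[1],
                 P[1][0] * phi[0] + P[1][1] * phi[1]]
        denom = lam + phi[0] * p_phi[0] + phi[1] * p_phi[1]
        gain = [p_phi[0] / denom, p_phi[1] / denom]
        err = y - (theta[0] * phi[0] + theta[1] * phi[1])
        theta = [theta[0] + gain[0] * err, theta[1] + gain[1] * err]
        P = [[(P[i][j] - gain[i] * p_phi[j]) / lam for j in range(2)]
             for i in range(2)]
        # Fault indication: discrepancy between estimate and nominal value.
        if detected_at is None and k >= warmup and abs(theta[0] - A_NOM) > tol:
            detected_at = k
        # Excitation signal with two frequencies, so both parameters are
        # identifiable; a constant input would not excite the estimator.
        u_prev = math.sin(0.3 * k) + 0.5 * math.sin(1.1 * k)
        y_prev = y
    return theta, detected_at
```

The final value of `theta[0] - A_NOM` gives the size of the parameter deviation, which is the information the text notes is useful for fault analysis.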

1.4 Types of Fault-Tolerant Control System

Generally speaking, FTCS can be classified into two types: passive fault-tolerant control systems (PFTCS) and active fault-tolerant control systems (AFTCS). In PFTCS, controllers are fixed and are designed to be robust against a class of presumed faults [8]. This approach needs neither FDD schemes nor controller reconfiguration, but it has limited fault-tolerant capabilities. Discussions of PFTCS are beyond the scope of this book and interested readers are referred to [35, 36] and the references therein for recent developments. In the literature, PFTCS are also known as “reliable control systems” or “control systems with integrity”.

In contrast to PFTCS, AFTCS react actively to system component failures by reconfiguring control actions so that the stability and acceptable performance of the entire system can be maintained. In certain circumstances, degraded performance may have to be accepted [37]. AFTCS are also referred to as “self-repairing”, “reconfigurable”, “restructurable”, or “self-designing” control systems by some researchers. From the viewpoint of functionality in handling faults, AFTCS were also called fault detection, identification (diagnosis) and accommodation schemes by other researchers. In such control systems, the controller compensates for the impacts of the faults either by selecting a pre-computed control law or by synthesizing a new one online. To achieve a successful control system reconfiguration, both approaches rely heavily on real-time FDD schemes to provide the most up-to-date information about the true status of the system. Therefore, the main goal in a fault-tolerant control system is to design a controller with a suitable structure to achieve stability and satisfactory performance, not only when all control components are functioning normally, but also in cases when there are malfunctions in sensors, actuators, or other system components (for example, in the system itself, in control computer hardware or in software). This book focuses only on aspects pertaining to AFTCS.

1.5 Objectives and Structure of AFTCS

The design objectives for AFTCS include the transient and the steady-state performance for the system, not only under normal operations but also under fault conditions. It is important to point out that the emphasis on system behaviors in these two modes of operation can be significantly different. During normal operation, more emphasis should be placed on the quality of the system behavior. In the presence of a fault, however, how the system survives with an acceptable (probably degraded) performance becomes a predominant issue. Typically, an AFTCS can be divided into four subsystems:

• an FDD scheme;
• a reconfigurable controller;
• a controller reconfiguration mechanism;
• a command/reference governor.

Inclusion of both an FDD scheme and reconfigurable controllers within the overall system structure is the main feature distinguishing an AFTCS from a PFTCS. Key issues in AFTCS are how to design:

• a controller which can easily be reconfigured;
• an FDD scheme with high sensitivity to faults and robustness to model uncertainties, operating condition variations, and external disturbances;
• a reconfiguration mechanism which leads as much as possible to the recovery of the pre-fault system performance in the presence of uncertainties and time-delays in FDD, within the constraints of control inputs and system states.

The critical issue in any AFTCS is the limited amount of time available for the FDD and for the control system reconfiguration. Furthermore, in the case of failure, efficient utilization and management of redundancy (in hardware, software and communication networks), stability, and a transient and a steady-state performance guarantee are some of the important issues to consider in AFTCS.

The overall structure of a typical AFTCS is shown in Figure 1.7. In the FDD module, any fault in the system should be detected and isolated as quickly as possible, and fault parameters, system state/output variables, and post-fault system models need to be estimated online in real-time. Based on the online information about the post-fault system model, the reconfigurable controller should be designed to maintain automatically the stability, desired dynamic performance and steady-state performance. In addition, in order to ensure the closed-loop system tracks a command input trajectory in the event of faults, a reconfigurable feedforward controller often needs to be synthesized. To avoid potential actuator saturation and to take into consideration the degraded performance after fault occurrence, a command/reference governor may also need to be designed to adjust command input or reference trajectory automatically.

Figure 1.7 General structure of an AFTCS (blocks: System, Actuators, Sensors, Fault Detection and Diagnosis (FDD), Reconfiguration Mechanism, Reconfigurable Feedback Controller, Reconfigurable Feedforward Controller, Command (Reference) Governor; inputs: actuator faults, system faults, sensor faults; signal labels: v, z, w, u, r)

Based on the described structure, the design objectives of an AFTCS can be stated as:

• to have an FDD scheme that provides, as precisely as possible, information about a fault (time, type and magnitude) and the post-fault model;

• to have a new control scheme (reconfigurable or restructurable) to compensate for the fault-induced changes in the system so that stability and an acceptable closed-loop system performance can be maintained.

It is important to point out that not only do the parameters of the controllers need to be recalculated, but also the structure of the new controllers (in terms of their order, number and type) might be changed. A corresponding AFTCS is often referred to as a “restructurable control system” to emphasize that the controller structure can change. Note that, in the literature, there are generally two ways of classifying AFTCS. One classifies them as reconfigurable versus restructurable; the other differentiates them as accommodation versus reconfiguration. In this book, we adopt the former definition. So long as there is no confusion, we use the term “reconfigurable control” in subsequent sections.

1.6 Classification of Reconfigurable Control Methods

Reconfigurable control methods can be broadly classified into several categories. The two most common categories are those based on control algorithms and those based on fields of application.

1.6.1 Classification based on control algorithms

In the literature, reconfigurable control design methods fall into one of the following approaches: linear quadratic; pseudo-inverse or control mixer; gain scheduling or linear parameter varying; (model reference) adaptive control or model following; eigenstructure assignment; multiple-model; feedback linearization or dynamic inversion; H∞ and other robust controls; model predictive control; variable structure and sliding mode control; generalized internal model control; and intelligent control using expert systems, neural networks, fuzzy logic and learning methodologies. Detailed classification can be carried out according to the following criteria:

• mathematical design tools: These include linear quadratic (LQ), intelligent control (IC), gain scheduling (GS)/linear parameter varying (LPV), adaptive control (AC), feedback linearization (FL)/dynamic inversion (DI), H∞ and robust control, quantitative feedback theory (QFT), multiple model (MM), model predictive control (MPC), variable structure control (VSC)/sliding mode control (SMC) and generalized internal model control (GIMC);

• design approaches: These include pre-computed control laws (such as GS/LPV, MM, QFT and GIMC) or online automatic redesign (such as LQ, AC, FL/DI, VSC/SMC and MPC);

• reconfiguration mechanisms: These include optimization, switching, matching, following and compensation;

• types of system to be dealt with, whether linear or nonlinear.